kybaaz/linux-xiaomi-chiron
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Landlock updates for v6.1-rc1

Browse source 
-----BEGIN PGP SIGNATURE-----
 
 iIYEABYIAC4WIQSVyBthFV4iTW/VU1/l49DojIL20gUCYzxenhAcbWljQGRpZ2lr
 b2QubmV0AAoJEOXj0OiMgvbSYpMA/iWIaLAS5P1Hh5/42NKGjsxwt9sNM6tKivYP
 gJidPsq5AQCzj/21kMLPVMxCauKvMRPs84wvLd6W7JwjJvGsigefCg==
 =pDda
 -----END PGP SIGNATURE-----

Merge tag 'landlock-6.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux

Pull landlock updates from Mickaël Salaün:
 "Improve user help for Landlock (documentation and sample)"

* tag 'landlock-6.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux:
  landlock: Fix documentation style
  landlock: Slightly improve documentation and fix spelling
  samples/landlock: Print hints about ABI versions
This commit is contained in:
Linus Torvalds 2022-10-04 11:13:38 -07:00
commit 522667b24f
6 changed files with 76 additions and 54 deletions
Download patch file Download diff file Expand all files Collapse all files

10
include/uapi/linux/landlock.h
View file

@ -26,7 +26,7 @@ struct landlock_ruleset_attr {
* Landlock filesystem access rights that are not part of
* handled_access_fs are allowed. This is needed for backward
* compatibility reasons. One exception is the
* LANDLOCK_ACCESS_FS_REFER access right, which is always implicitly
* %LANDLOCK_ACCESS_FS_REFER access right, which is always implicitly
* handled, but must still be explicitly handled to add new rules with
* this access right.
*/
@ -128,11 +128,11 @@ struct landlock_path_beneath_attr {
* hierarchy must also always have the same or a superset of restrictions of
* the source hierarchy. If it is not the case, or if the domain doesn't
* handle this access right, such actions are denied by default with errno
* set to EXDEV. Linking also requires a LANDLOCK_ACCESS_FS_MAKE_* access
* right on the destination directory, and renaming also requires a
* LANDLOCK_ACCESS_FS_REMOVE_* access right on the source's (file or
* set to ``EXDEV``. Linking also requires a ``LANDLOCK_ACCESS_FS_MAKE_*``
* access right on the destination directory, and renaming also requires a
* ``LANDLOCK_ACCESS_FS_REMOVE_*`` access right on the source's (file or
* directory) parent. Otherwise, such actions are denied with errno set to
* EACCES. The EACCES errno prevails over EXDEV to let user space
* ``EACCES``. The ``EACCES`` errno prevails over ``EXDEV`` to let user space
* efficiently deal with an unrecoverable error.
*
* .. warning::